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Detailed Action 

Claims 29, 31-34, 36-38 are pending in this Office Action. 

Claim 29 is amended. 

Claims 1-28, 30, 35 remain cancelled. 

1 

Response to Arguments 

Applicant's arguments filed in the amendment filed 12/31/07 have been fully considered 
but are found not persuasive. See remarks below. 

Applicant's invention as claimed : 

Claim Rejections - i5 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claim 29, 30-34, 36-38 are rejected under 35 U.S.C. 103(a) as being unpatentable by 
U.S. Patent No. 6,496,855 by Hunt et al. 

Regarding claim 29, the Hunt reference teaches 

a system for fraud prevention by authenticating a user at a first Internet site (Hunt: col. 2, 
lines 47-51 shows a user is verified; col. 4, lines 1 1-22, 30-41 teach protecting data for 
preventing fraud), comprising: 
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an Internet-connected verification server for performing the authentication (Hunt: col. 2, 
lines 36-51; the server); and 

an Internet-connected appliance operable by the user for sending a request for 
authentication to the first Internet site (Hunt: col 1, lines 56-61; the user; col. 5, lines 1-10; 
RAS); 

wherein the user specifies sites not associated with the first Internet site known to the 
user as capable of accepting the user's username-password pair included in the request for 
authentication and a username-password pair for the user (Hunt: col. 2, lines 47-60; col. 6, lines 
48-52; Fig. 1), and the server, in response to the request causes automatic navigation to sites and 
attempts a login on behalf of the user with the username-password pair, successful login at the 
sites allowing authentication of the user at the first Internet site (Hunt: col. 4, lines 1-5, 23-26), 

The Hunt reference does not explicitly state a second and third Internet sites. 

However, the Hunt reference does address the plurality of Internet sites that a user 
registers and authenticates with as a problem in which the invention is overcoming (Hunt: coL 1, 
lines 21-23, 30-35) in order to protect user data and privacy with the growth number of sites a 
user registers with (Hunt: col. 1, lines 21-54). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the system of fraud preventing by Hunt to include a second and third site that a client 
wishes to login as taught in the background of Hunt in order to protect user data and privacy with 
the growth number of sites a user registers with (Hunt: col, 1, lines 21-54). 

Regarding claim 31, the system of claim 29, wherein the verification server is a first server, and 
the request is sent from the appliance to a second server on the network, which forwards at least 
a portion of the request to the first server, and the first server returns an indication of verification 
after causing the navigation and log-in attempt to the second and third sites provided by the user 
(Hunt: col. 2, lines 36-60; first server is target web server; second server is registration agent 
server; col. 8, lines 39-42). 
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Regarding claim 32, the system of claim 29, wherein all or a portion of the request is compared 
against stored user profile data for verification purposes (Hunt: coL3, lines 31-40; col. 2, lines 
47-51). 

Regarding claim 33, the system of claim 29, wherein the request comprises at least three or more 
user specified network destination sites and username-password pairs for the sites, and 
authenfication is a number based on log-in results (Hunt: col. 6, lines 48-52; col. 8, lines 43- col. 
9, line 15; Fig. 1). 

Regarding claim 34, the Hunt reference teaches 

a method for fraud prevention by authenticating a user at a first Internet site (Hunt: col. 2, 
lines 47-51 shows a user is verified; col. 4, lines 1 1-22, 30-41 teach protecting data for 
preventing fraud), comprising the steps of: 

(a) accepfing by a server an authenticafion request from the user comprising at least a 
plurality of Internet sites known to the user as capable of accepting the user's username-pair for 
each site and the username-password pairs are included in the authentication request from the 
user (Hunt: col. 2, lines 47-60; col. 6, lines 48-52); 

(b) causing, by the server, automatic navigation to the sites and an automatic login 
attempt on behalf of the user with the username-password pairs (Hunt: col. 4, lines 1-5, 23-26); 
and 

(c) reporting an indication of authenticity of the user according to success or failure of the 
login attempts (Hunt: coL 8, lines 39-42). 

The Hunt reference does not explicitly state a second and third Internet site. 

However, the Hunt reference does address the plurality of Internet sites that a user 
registers and authenticates with as a problem in which the invention is overcoming (Hunt: col. 1, 
lines 21-23, 30-35) in order to protect user data and privacy with the growth number of sites a 
user registers with (Hunt: col. 1, lines 21-54). 
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It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the system of fraud preventing by Hunt to include a second and third site that a client 
wishes to login as taught in the background of Hunt in order to protect user data and privacy with 
the growth number of sites a user registers with (Hunt: col. 1, lines 21-54). 

Regarding claim 36, the method of claim 34 wherein the server is a first server, and the request is 
sent from the appliance to a second server on the network, which forwards at least a portion of 
the request to the first server, and the first server returns and indication of authenticity after 
causing the navigation and log-in attempt at the sites provided by the user (Hunt: col. 2, lines 36- 
60; first server is target web server; second server is registration agent server; col. 8, lines 39- 
42). 

Regarding claim 37, the method of claim 34 wherein all or a portion of the request is compared 
against stored user profile data for verification purposes (Hunt: coL3, lines 31-40; col. 2, lines 
47-51). 

Regarding claim 38, the method of claim 34, wherein the request comprises three or more sites 
and username-password pairs for the Internet sites, and authentication is a number based on log- 
in results (Hunt: col. 6, lines 48-52; coL 8, lines 43- col 9, line 15). 

Remarks 

Applicant has presented a minor amendment to independent claim 29 and presented 
arguments directed to the Hunt reference. Applicant broadly argues that which the Hunt 
reference is concerned with, not how the instant claims distinguish from the reference. 
The Applicant Argues : 

The Hunt reference does not teach the limitations of the claimed invention. 
In response , the examinerjespectfully submits: 

The examiner maintains the rejection because the Hunt reference does teach the claimed 
limitations. 
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Preamble. With respect to the preamble, Applicant argues the Hunt reference fails to 
teach a fraud prevention system as claimed. 

Hunt teaches 'a system for fraud prevention by authenticating a user at a first Internet 
site' in col. 2, lines 47-51 and col. 4, lines 1 1-22, 30-41. Hunt teaches preventing fraud by 
utilizing a third party proxy login system for registration and repeated login to sites. The first site 
is the website in which the "registration agent site provides ... to complete registration forms for 
websites by proxy and logging into their sites on repeat visits." Fraud is interpreted to be 
"intentional deception." Hunt clearly teaches a fraud prevention system by the proxy controlling 
access to the email address and protecting the users email address from being used as spam. 

First limitation. With respect to the first limitation, Applicant argues Hunt does not 
teach "an Internet-connected verification server for performing the authentication." 

The Hunt reference does teach the limitation, specifically in col. 2, lines 36-40 where 
Hunt teaches each service computer or server node is internet connected. The Hunt reference 
teaches the registration agent computer or registration agent server also is connected to the 
internet. Lines 46-51 of Hunt teach verifying a user identity and password. Fig. 5 confirms this 
notion with the requirement of login before the RAS can transfer site login details. 

Second limitation. With respect to the second limitation, Applicant argues Hunt does not 
teach "an Internet-connected appliance operable by the user for sending a request for 
authentication to the first Internet site." 

The Hunt reference does teach the limitation specifically in col. I, lines 56-61 and col. 6, 
lines 1-10. Col. 1 is relied upon to show a user who is interactive and involved with the fraud 
prevention system. The user fills in private and personal data as indicated in col. 6, The RAS 
system is an internet-connected appliance operated on by the user for repeatedly logging into 
other sites. See Fig 5 for the flow of events in which a user logs into the RAS before sending 
requests to authenticate to other websites. 
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Third Limitation and Motivation. With respect to the third limitation, Applicant argues 
the Hunt reference does not teach "wherein the user specifies a second and third Internet site not 
associated with the first Internet site and known to the user as capable of accepting the user's 
username-password pair included in the request for authentication and a username-password pair 
for the user, and the server, in response to the request, causes automatic navigation to the second 
and third site sites and attempts a login on behalf of the user with the username-password pair, 
successful login at the second and third sites allowing authentication of the user at the first 
Internet site." 

The Hunt reference makes the claim limitation unpatentable. Hunt teaches a user 
specifying sites not associated with the first Internet site in col. 2, lines 47-60 and col. 6, lines 
48-52 because the Hunt reference shows a user logs into a first site, the RAS system, and then 
registers or logs into other sites specified by the user through data structures and forms as 
initiated/entered by the user in col. 6. The other websites are known to the user as capable of 
accepting requests for authentication because the user's id-password pair associated with other 
sites has already been registered with the corresponding web service or site. 

The server which is interpreted to be 'an internet-connected verification server' in 
response to the request, which is interpreted to be the request for authentication, causes 
automatic navigation to sites and attempts a login on behalf of the user with the id-password pair 
is taught by Hunt is the one of the most rudimentary features of the invention. Hunt teaches col. 
4, lines 1-5, 23-26 the RAS server "logging into sites on repeat visits" so the user doesn't have to 
retype all the information. The act of logging in by proxy is the "caused navigation" to the other 
sites for attempted login. 

The examiner has admitted Hunt does not teach all the claim limitations in a 102 
interpretation but that the broad claim limitations are unpatentable as an obvious variation of 
Hunt. 

The Hunt reference does not explicitly state a second and third Internet sites. 
However, the Hunt reference does address the plurality of Internet sites that a user 
registers and authenticates with as a problem in which the invention is overcoming (Hunt: col. 1, 
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lines 21-23, 30-35 and Fig. 1) in order to protect user data and privacy with the growth number 
of sites a user registers with (Hunt: col. 1, lines 21-54). 

It would have been obvious at the time of the invention to one of ordinary skill in the art 
to create the system of fraud preventing by Hunt to include a second and third site that a client 
wishes to login as taught in the background of Hunt in order to protect user data and privacy with 
the growth number of sites a user registers with (Hunt: col. 1, lines 21-54). The motivation to 
extend the proxy login to additional sites is given both in classification and idea of the prior art 
(proxy authentication and proxy login by third party systems for fraud prevention) as well as 
non-explicit embodiments where other web services and web sites are shown (Fig. 1, 
background). 

Regarding claim 34, applicant provides similar arguments to those outlined above. The 
examiner maintains the rejections on all claims, specifically claims 34 for the same reasons as 
cited above. 

The examiner feels that applicant continues to write broad claim limitations and does not 
want to further detail the claims. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
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will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin R. Bruckart whose telephone number is (571) 272- 
3982. The examiner can normally be reached on 8:00-5:30PM with every other Friday off 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
Benjamin R Bruckart 




